- This pack is targeted for collections of Carbon Black events
- The Carbon_Black pipeline inside the pack includes Sample files for testing and multiple examples of Dropping events
- Furthermore, the pipeline show example of shaping the events into JSON before sending the event to the Analytics store
Carbon Black Event types details can be found here:
https://www.carbonblack.com/products/vmware-carbon-black-cloud-endpoint/
- Event reduction: Expect 30% reduction in total size using Drop or Sampling.
- Event shaping: Expect the pack to shape the events into JSON format
Before you begin, ensure that you have met the following requirements:
- Create a Route with a filter for your Carbon Black Pack
- Select the
CriblCarbonBlackpack as the pipeline.
Carbon Black events pack Initial release! Support for: VMWare Carbon Black events
Discuss this pack on our Community Slack channel
The author of this pack is Raanan Dagan and can be contacted at [email protected].
This Pack uses the following license: Apache 2.0.